Data, Education, GDPR and Government - Information Management Today

IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued

IT Governance

JANUARY 13, 2023

This week, we discuss a series of ransomware attacks on 30 schools and colleges in the UK, legal action against both Meta and the Irish Data Protection Commission following last year’s massive Facebook GDPR fine, and the third stage of a cyber-defence-in-depth strategy: management.

Education

Education Ransomware Government IT

Government surveying further education providers before Brexit

IT Governance

SEPTEMBER 24, 2019

Among the uncertainty surrounding GDPR (General Data Protection Regulation) compliance – particularly with Brexit complicating things – the UK government has been a reliable source for advice. The GDPR and Brexit. The government’s advice will be invaluable for understanding how to manage your data protection requirements.

Education

Education Government GDPR Compliance

Data breaches grow across UK education sector

IT Governance

NOVEMBER 29, 2018

A recent freedom of information request by chartered accountants UHY Hacker Young reveals a worrying rise in reported data breaches across the UK education sector. Starting at only £300, it can protect organisations from – according to the government – around 80% of all cyber attacks. Combat the most common cyber threats.

Education

Education Data breaches GDPR Government

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping is a typically automated process that extracts information from websites, allowing criminals to compile data sets containing personal information.

Data breaches

Data breaches Education Manufacturing Retail

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Data Matters

OCTOBER 21, 2021

On 22 September 2021, the UK Government (the “ Government ”) published its Artificial Intelligence (“ AI ”) strategy. The paper outlines the Government’s plan to make Britain a “global superpower” in the AI arena, and sets out an agenda to build the most “pro-innovation regulatory environment in the world”.

Artificial Intelligence

Artificial Intelligence Government Paper IT

GDPR: How the definition of personal data has changed

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data. What constitutes personal data?

Personal data

Personal data GDPR Education Government

Sign up for the new education sector email updates

IT Governance

AUGUST 2, 2018

To support the wider education sector with data protection and cyber security, we are launching a sector specific email newsletter and blog series. To sign-up, send us ideas of what you would like us to cover or questions for us to answer, please leave complete this form and choose education as your sector. How to sign up.

Education

Education GDPR Data breaches Government

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). Are your staff aware of the GDPR?

GDPR

GDPR Government Education Compliance

What is data governance in healthcare?

Collibra

DECEMBER 16, 2020

The data that healthcare organizations hold is incredibly valuable – it’s perhaps the most valuable asset they have. At an individual level, patient data often contains the key to understanding illness and potential recovery. As a result, data governance in healthcare is non-negotiable. Large volumes of sensitive data.

Government

Government Data Privacy Privacy Communications

More than half of schools not compliant with the GDPR

IT Governance

MAY 2, 2019

Almost one year on from the introduction of new data protection laws, more than half of UK schools and colleges reveal they are not fully compliant. Despite this, 46% cited a lack of security awareness as one of the biggest challenges in complying with data protection regulations. Train staff with e-learning from IT Governance.

GDPR

GDPR Data breaches Compliance Phishing

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Transparency is a core principle of the GDPR. Make sure people know they’re being recorded.

GDPR

GDPR Privacy Retail Personal data

What is data governance and why does it matter?

Collibra

FEBRUARY 16, 2022

Data governance is the practice of managing and organizing data and processes to enable collaboration and compliant access to data. Data governance allows users to create value from data assets even under constraints for security and privacy. No , you can’t use the data for that . No, no, no.

Government

Government IT Compliance Privacy

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR

GDPR Compliance Personal data Access

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling.

GDPR

GDPR Personal data Financial Services Compliance

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

With many employees now working remotely, securing company data isn’t as straightforward as it used to be. Inconsistent data regulations. Countries have different data security laws, and these can get in the way of one another. Government Monitoring. Related: Employees as human sensors. companies in China alone.

Communications

Communications Cybersecurity GDPR Risk

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of the Regulation and the future of data protection. Compliance fatigue’.

GDPR

GDPR Data breaches Compliance Retail

Key Takeaways on eDiscovery/eDisclosure, Info Governance and Collaboration from The Master’s Conference in London

eDiscovery Daily

AUGUST 3, 2023

Know How Data Impacts Cases: With data playing an increasingly crucial role in legal matters, it is essential to have up-to-date Information Governance (IG) policies. Law firms can find ways to help in-house teams with data management if the need exists. Working together ensures the best outcomes for each engagement.

Government

Government Artificial Intelligence Information governance GDPR

6 Tips for Managing eDiscovery for Access Requests for a State or Local Government Organization

eDiscovery Daily

AUGUST 4, 2023

By Catherine Ostheimer Being responsive to the growing number of Access Requests and DSARS as a local government organization can be daunting. First, there’s the data management challenge. State and local groups generate and store vast amounts of data across numerous departments, committees, and systems. Educate and train staff.

Government

Government Access Insurance GDPR

3 tips for successful GDPR staff training

IT Governance

NOVEMBER 21, 2017

Staff awareness should be a major concern for organisations looking to comply with the EU General Data Protection Regulation (GDPR). However, our 2017 GDPR Report found that less than 10% of organisations have provided GDPR staff awareness training to all employees. Why implement a GDPR staff awareness training programme?

GDPR

GDPR Compliance Education Data breaches

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Some organisations believe that a simple privacy notice is all that is required, but the GDPR actually demands far more than that. .

GDPR

GDPR Data breaches Personal data Data collection

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

At the recent ASCL (Association of School and College Leaders) conference , a guest said to us: “The GDPR ? How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? GDPR compliance in schools.

GDPR

GDPR Compliance Data breaches Personal data

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

In today’s world, information and data means money and the people that are stealing the information have now reached new levels of sophistication. Interestingly, close to a half of all affected victims by Prometheus – paid ransom payment or their data has been sold to other parties interested in it. prometheushelp@airmail.cc

Sales

Sales Ransomware Government GDPR

The GDPR has arrived – are you compliant?

IT Governance

JUNE 14, 2018

The EU General Data Protection Regulation (GDPR) has been in effect for almost three weeks now – are you compliant, are you still working towards compliance or are you unsure of where to start? Register for our free webinars to find out how you can get started with your GDPR compliance project. Upcoming webinars.

GDPR

GDPR Compliance Education Risk

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR

GDPR Government Data breaches Information Security

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR

GDPR Government Data breaches Information Security

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data

Personal data Data breaches Data collection GDPR

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Analysing Data Breaches Caused by Human Error

IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. At the time of writing, the data set starts in Q2 2019 and goes up to Q2 2023.

Data breaches

Data breaches Personal data Government GDPR

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

On 16 November 2021, the French data protection supervisory authority (the “CNIL”) published a practical guide (“Guide”) on Data Protection Officers (“DPOs”). Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors.

GDPR

GDPR Compliance Personal data Communications

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. As you would expect, larger organisations were more likely to be aware of the GDPR. Preparing for the GDPR.

GDPR

GDPR Compliance Insurance Personal data

GDPR priorities in the lead up to May

IT Governance

MARCH 1, 2018

GDPR compliance should be a priority and high on every organisation’s agenda with only three months until the regulation comes into effect on 25 May 2018. Training – make sure those responsible for the project are trained on implementing the GDPR in the workplace.

GDPR

GDPR Compliance Privacy Data breaches

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

Only 25% of UK law firms are prepared for the GDPR

IT Governance

NOVEMBER 20, 2017

A recent report from CenturyLink has highlighted a lack of preparation among UK law firms for the upcoming EU General Data Protection (GDPR) compliance deadline. The report questioned more than 150 legal sector IT decision makers in the UK and discovered that only 25% believe they are currently compliant with the GDPR.

GDPR

GDPR Compliance Data breaches Paper

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. Some began to lose faith. It’s Y2K all over again”; a big fuss over nothing. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

54% of universities reported a data breach in the past year

IT Governance

AUGUST 18, 2020

A survey has found that 54% of UK universities reported a data breach to the ICO (Information Commissioner’s Office) in the past 12 months. Of the 86 universities that responded to a Freedom of Information request from security firm Redscan, the majority admitted serious shortcomings in their ability to prevent data breaches.

Data breaches

Data breaches GDPR Education Phishing

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

Information Governance Perspectives

MAY 8, 2020

Hunter, Dr. Tao Jin, Dr. Patricia Franks, Rae Lynn Haliday, Cheryl Pederson, and Wendy McLain on the topic of Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders. But that’s not entirely the role of the Records and Information Governance professional, is it?

Education

Education Digital transformation Search queries Information governance

What are the best books on data privacy?

IT Governance

MARCH 4, 2019

Organisations are always looking for affordable ways to keep their data secure, but sometimes the simplest solutions are the best – and nothing beats the simplicity of a book. The problem, of course, is that there are so many guides to data privacy out there that it’s hard to know which one is right for you. EU GDPR: A Pocket Guide.

Data Privacy

Data Privacy Privacy GDPR Compliance

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Privacy makes data governance ethical and tangible, and compliance leaders understand that.

Compliance

Compliance Information governance Privacy Data Privacy

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

Happy Compliance Officer Day!

Thales Cloud Protection & Licensing

SEPTEMBER 25, 2023

Data breaches, brand damage and financial reputation. This year, Ireland's Data Protection Commission (DPC) issued Meta an eye-watering £1bn fine for mishandling user data. Compliance officers understand and ensure adherence to local, national, and sometimes international laws that govern business practices.

Compliance

Compliance GDPR Risk Education

Data Governance and Business Transformation

Collibra

JANUARY 25, 2019

Collibra organized a Data Governance and Business Transformation seminar in Paris recently, bringing together data managers from the financial, retail, transportation, and logistics industries. Digital transformation remains a central business initiative that relies on data. What Forrester describes as “Data Governance 2.0”

Government

Government Digital transformation Customer Experience Metadata

IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued

Government surveying further education providers before Brexit

Trending Sources

Data breaches grow across UK education sector

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Security Compliance & Data Privacy Regulations

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

GDPR: How the definition of personal data has changed

Sign up for the new education sector email updates

Government survey reveals GDPR awareness is falling short

What is data governance in healthcare?

More than half of schools not compliant with the GDPR

Does your use of CCTV comply with the GDPR?

What is data governance and why does it matter?

7 steps to highly effective GDPR compliance

GDPR automated decision-making and profiling: what are the requirements?

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The GDPR: A year in review

Key Takeaways on eDiscovery/eDisclosure, Info Governance and Collaboration from The Master’s Conference in London

6 Tips for Managing eDiscovery for Access Requests for a State or Local Government Organization

3 tips for successful GDPR staff training

Why is the GDPR still something I should be concerned about?

Is your school GDPR-compliant? Use our checklist to find out

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

The GDPR has arrived – are you compliant?

Are your staff GDPR trained? Find out what you need to do

Are your staff GDPR trained? Find out what you need to do

How the CCPA and GDPR Are Different

When are schools required to report personal data breaches?

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Analysing Data Breaches Caused by Human Error

France: The CNIL publishes a practical guide on Data Protection Officers

62% of organisations unaware of the GDPR

GDPR priorities in the lead up to May

How to implement a GDPR staff awareness training programme

How to implement a GDPR staff awareness training programme

Only 25% of UK law firms are prepared for the GDPR

Wake up to the reality of the GDPR: What you need to know about compliance

54% of universities reported a data breach in the past year

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

What are the best books on data privacy?

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

What UK charities need to know about GDPR compliance

Happy Compliance Officer Day!

Data Governance and Business Transformation

Stay Connected